• Home
  • Laptops
  • Laptops News
  • Apple Misses Fixing Zero Day Vulnerabilities in macOS Big Sur, Catalina; Brings macOS Monterey 12.4 Public Beta 1

Apple Misses Fixing Zero-Day Vulnerabilities in macOS Big Sur, Catalina; Brings macOS Monterey 12.4 Public Beta 1

Apple said to have made 35–40 percent of all supported Mac machines vulnerable to attacks due to the miss.

Apple Misses Fixing Zero-Day Vulnerabilities in macOS Big Sur, Catalina; Brings macOS Monterey 12.4 Public Beta 1

Photo Credit: Apple

Apple last week fixed the zero-day flaws for users on macOS Monterey

Highlights
  • macOS Big Sur and Catalina users are at risk of being attacked
  • Apple has not yet provided any updates on the security fixes
  • macOS Monterey 12.4 public beta release is available for testing
Advertisement

Apple appears to have ignored macOS Big Sur and macOS Catalina while fixing two zero-day vulnerabilities that it patched in macOS Monterey 12.3.1 last week. The issues were found in Apple's audio and video decoding framework AppleAVD and the Intel graphics driver. Separately, Apple has released the first public beta of macOS Monterey 12.4 just a day after providing the update to developers. Exact details on when the new macOS release will be available to users publicly are yet to be revealed, though.

Security software maker Intego estimated in a blog post that by not fixing the two known zero-day vulnerabilities, Apple has chosen to make 35–40 percent of all supported Mac machines vulnerable to attacks. The vulnerabilities that were recorded as CVE-2022-22675 and CVE-2022-22674 were fixed for the users on macOS Monterey through the latest update that was released last week.

The CVE-2022-22675 is related to a bug affecting the AppleAVD framework that could help attackers gain kernel privileges by using an app to execute arbitrary code, while the CVE-2022-22674 is for the flaw that existed in the Intel Graphics driver. The latter could allow apps to read kernel memory.

At the time of recording the security fixes last week, Apple wrote on its support page that it was aware of reports that the issues might "have been actively exploited" by attackers.

However, the Cupertino giant has still not released the same fixes for its users on older macOS versions.

Intego said that this was the first time since the release of macOS Monterey that Apple neglected to patch actively exploited vulnerabilities for macOS Big Sur and macOS Catalina users.

The vulnerability CVE-2022-22675 also exists in iOS 14 and iPadOS 14, Intego said, citing security analyst Mickey Jin. However, Apple stopped supporting both software versions in January, so a large number of users seem to have already moved to iOS 15 or iPadOS 15 — depending on the devices they have.

The systems on macOS Big Sur and Catalina are, though, still eligible for receiving security updates. It is, thus, unclear why Apple didn't release patches for those systems this time.

Gadgets 360 has reached out to Apple for a comment on the matter and will update this article when the company responds.

Intego said that Apple had not responded to its requests to update older macOS versions.

While macOS Big Sur and Catalina machines are yet to receive the latest security patch, Apple has released the first public beta of its macOS Monterey 12.4 to test its new operating system version. The update comes just a day after the beta release was made available to developers.

Details on what features macOS Monterey 12.4 public beta brings to users are yet to be revealed. However, the release notes do say that the Universal Control in the new iPadOS 15.5 and macOS Monterey 12.4 updates is not compatible with machines running macOS 12.3 or iPadOS 15.4, as reported by MacRumors.

This means that users updating their Mac machines to the latest beta release need to install the first beta release of iPadOS 15.5 on their iPad to use the Universal Control feature.

The first developer beta release of iPadOS 15.5 is available alongside the iOS 15.5 beta 1.

Users who have enrolled for the public beta testing can look for the macOS Monterey 12.4 release by going to System Preferences > Software Update after clicking on the Apple menu icon. New users can enrol in the Apple Beta Software Programme from the Apple site. It is important to point out that beta releases are meant specifically for testing purposes and are likely to introduce bugs.


Will the 2022 iPhone SE sink or swim? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Ukraine Crisis: Facebook-Parent Meta Says Russian Invasion Driving More Disinformation Online
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »